Pre-approved accounts using OpenID

I recently read Simon Willison’s article called Six cool things you can build with OpenID and became very interested in the concept of “pre-approving” user accounts by using OpenID.

For those not familiar with OpenID, I will give a short introduction, although it’s explained in slightly more detail on the OpenID How-it-works page. OpenID is a way of indentifying yourself by using a unique URI, similar to how web sites have unique URIs that you can visit. As an example, I could make my OpenID “”. Then, if your blog was OpenID-enabled, and I wanted to leave a comment for you, I would simply enter my OpenID URI “” into your form. I would then go through some steps to confirm that I was the owner of my OpenID, and once I had done so, I would be allowed to post comments on your blog, without having to register with you. I can use my OpenID on any OpenID-enabled site in exactly the same way.

Traditionally, web applications require you to register for an account before you can begin performing actions using your account. When you create a new account, you typically have to validate your account by email, and once approved, a database entry is created and your account can be used. An example will make this concept clearer:

Let’s say I own a photo gallery, where I like to upload photos from events I attend. Recently I travelled with some friends to somewhere hot (wouldn’t that be nice?) and lots of people were taking photos while on vacation. Now that I’m back at home, I would like to allow the people I travelled with to upload photos to my photo gallery. Prior to OpenID, the best I could do was ask each of them to register for an account at my site and once registered (and a user row created in my database) I could then give each user permission to upload their photos to my gallery. Even if I know that Bob usually chooses the username “bob” when registering at web sites, there are several reasons why I can’t create that account for him ahead of time. What if there is someone already registered with that name, or what if Bob doesn’t want people to know his real name?

If my site is OpenID-enabled, and I happen to know Bob’s OpenID, “”, then I am able to create and preapprove his user account before he even visits my gallery site giving him permission to upload photos right away. I can do this because I know that no one else can log in as “”. I can pre-approve Bob for an account on my site and begin performing actions on his account all before he logs in for the first time. Perhaps I want to write him a custom welcome message or tag him in photos I’ve uploaded. It’s all possible thanks to pre-approval using OpenID.

This concept of creating user accounts before the users actually visit your site has plenty of uses. It has obvious uses for social networking. I believe that viral marketing will thrive with this concept. My friends will feel more pressure to start using a web site if I have already added information to their account. Is this a good thing or bad?

Another idea that I will present in closing: If more sites embrace OpenID, then perhaps we will also start seeing data shared between sites. Two sites that I frequent are and Maybe one day, the two sites will share information about me (with my permission of course) and Amazon will suggest books on the subject of my recent purchase at Home Depot.

One reply on “Pre-approved accounts using OpenID”

Leave a Reply to winge Cancel reply

Your email address will not be published. Required fields are marked *